Security is everyone’s responsibility
If you are clear about the results you expect from the logical and physical security of information and have the right people in the right positions, remember that information security for all other employees must become part of the daily way of working. Information security is still too much of a “for and by IT” issue, while it should be the responsibility of every employee in an organization.
CRANIUM understands that policies and procedures are used for different purposes and therefore take many forms. When drawing up policies and procedures, we use the principle that the average employee of an organisation should be able to work with them. A formal, legal, unreadable reference book that does not explain how to act is not useful. When it comes to information security, you have to think of policies for the management, storage and destruction of information, but also of procedures for testing external IT suppliers, a data breach protocol, development and testing and Security by Design & Default.
CRANIUM can fully support you in drawing up your information security policies and procedures. We translate your wishes and existing management measures into the right templates for the various target groups in your organisation, whereby we also make the link to procedures for retention and destruction and a processing register in order to provide you with a coherent set of documentation.